One advantage of computer networks is that they allow access to resources from distributed computer devices. However, this can pose difficulties with respect to network security. In particular, it may be desirable to restrict access or require complex or more stringent security procedures with respect to computer devices that are in locations where physical access to the devices is not adequately controlled. However, it may be undesirable to restrict access or require complex security procedures with respect to computer devices that are in a secure location, such as in a facility to which physical access by persons is controlled in a secure way. Therefore, it is desirable to distinguish between devices that are in secure locations and those that are not.
In order to identify different computer devices, networks may use various addressing schemes. For example, in a Transmission Control Protocol/Internet Protocol (TCP/IP) network, devices can be distinguished from one another based on one or more elements of their assigned IP address. An additional means for identifying computer devices is through the device media access control (MAC) address. Therefore, computer networks can apply different security requirements based on whether such an address is associated with a computer known to be at a secure location or not. However, these identifiers and addresses can be forged or spoofed by those wishing to gain unauthorized access to the computer resource. Therefore, computer resources that comprise access points through computer devices located in public or other unsecure locations have either been vulnerable to unauthorized access, and/or have needed to apply stringent security measures to all access points, including those in secure locations.
The more secure or stringent measures for controlling access to networked computer resources can be cumbersome and difficult to use and administer. For example, one means for verifying that a source or computer device is a trusted source is through the use of digital certificates and encryption. However, these can require exchanges of encryption key information or the involvement of third party verification providers. Moreover, such procedures need to be applied to all attempts at accessing the protected computer resource, even if the access attempt is in fact from a computer device or source in a secure location. Therefore, it would be desirable to distinguish between trusted and untrusted computer devices or sources, so that a level of security that is appropriate to the potential threat can be applied.